Claims: 



1 . A system for distributed storage and reconstruction of a data set containing 
sensitive information, said system comprising: 

an array of multiple stores; and 

logic for randomly dispersing successive granular portions of data in said set 
into said stores, each said granular portion containing only information of a non- 
sensitive nature; whereby extraction of sensitive information in said data set from 
unauthorized access to data contained in said stores is extremely unlikely to occur. 

2. A system in accordance with claim 1 wherein said logic for randomly dispersing 
comprises: 

logic to transfer successive said granular portions into randomly selected block 
queues in an array of multiple block queues; each block queue holding multiple 
granular portions; 

logic to detect when any of said block queues becomes filled; contents of each 
said filled block queue having only non-sensitive information; and 

logic responsive to detection that a said block queue has become filled to 
transfer contents of the respective filled block queue to a randomly selected one of said 
stores in said array of stores. 

3. A system in accordance with claim 1 wherein said processing subsystem is 
connected to said storage subsystem through a data communication network. 

4. A system in accordance with claim 3 wherein said network comprises a local 
area network (LAN). 

5. A system in accordance with claim 3 wherein said network extends 
through the Internet. 

6. A system in accordance with claim 2 comprising: 

logic for retaining metadata indicating locations of said granular portions of said 
data set within said array of stores; and 

logic for using said retained metadata to retrieve said randomly dispersed 
granular portions from said stores and to reassemble the retrieved portions into their 
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original positional relations in said data set. 

7. A system in accordance with claim 6 wherein said retained metadata is 
enciphered and said logic for using said metadata to retrieve said granular portions 
includes logic for deciphering said retained metadata. 

8. A system in accordance with claim 6 wherein said metadata 

contains representations of storage file names assigned to blocks of data in said stores 
containing randomly dispersed portions of said data set, and information indicating 
locations within said blocks of specific portions of said data set. 

9. A system in accordance with claim 6 wherein said data set is in the form of a 
table having rows and columns, said dispersed portions are located originally at 
intersections of said rows and columns, and said retained metadata includes 
information for repositioning retrieved granular portions of said data set into specific 
row and column intersects of said table at which said portions were originally located 
prior to their dispersal into said stores. 

10. A system in accordance with claim 6 wherein said retained metadata includes 
information defining storage locations of associated stored data blocks and of locations 
within each block of randomly dispersed granular elements of sensitive data contained 
in the respective block; and wherein said metadata is stored in an encrypted form. 

11. A system in accordance with claim 2 wherein said logic is embodied in 
software for executing respective logical functions. 

12. A system in accordance with claim 6 wherein each said filled block is stored 

in plural selected ones of said stores in said array of stores; whereby failure of any one 
of said plural stores would not prevent retrieval of the respective filled block. 

1 3. A method for storing and reconstructing a set of data containing sensitive 
information, in a manner such that unauthorized access to the data as stored would not 
reveal any of said sensitive information, said method comprising: 

transferring successive granular components of said set into randomly selected 
block queues in an array of multiple block queues; each said component being void of 
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said sensitive information; each said block queue having capacity to store multiple said 
components; 

monitoring said block queues to detect when they are full; 

transferring content of each said full block queue to a randomly selected store in 
an array of multiple stores; 

retaining metadata defining locations of said blocks of data in said stores and 
locations of individual said granular components within each said block; and 

reassembling said data set by using said retained metadata to: (a) retrieve 
blocks of data containing all of the randomly dispersed granular components of said 
data set; (b) extract all of said randomly dispersed granular components of said data 
set from said retrieved data blocks; and (c) rearrange the extracted components into 
their original format within said data set. 

1 4. The method of claim 1 3 wherein transferral of said full block queues to said 
stores is performed through a data communication network. 

1 5. The method of claim 14 wherein said network includes a local area network. 

16. The method of claim 14 wherein said network extends through the Internet. 

1 7. The method of claim 1 3 wherein said retained metadata is ordered in 
correspondence to positions of said granular components within said data set as 
originally constituted. 

1 8. The method of claim 1 7 wherein said retained metadata is enciphered and 
requires deciphering to be useful for locating said granular components. 

1 9. The method of claim 1 7 wherein said data and said metadata 
are organized in tables having corresponding rows and columns. 

20. The method of claim 1 3 wherein said transfers of said granular components to 
said block queues and transfers of said full block queues to said stores are performed 
by software. 



21 . The method of claim 1 3 wherein content of each said full block queue is stored 
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redundantly in plural said stores, so that failure of access to any one of said stores 
would not prevent retrieval of the respective block queue contents contained in the 
respective store, and therefore would not prevent reassembly of said data set. 

22. For a data handling and storage system, in which granular portions of 
data sets containing sensitive information are randomly dispersed in stores subject to 
orderly retrieval and reconstruction of respective sets, software installable in said 
system via computer-readable media, said software comprising: 

elements for controlling functions requisite to said random dispersal of said 
granular portions; and 

elements for controlling functions requisite to said orderly retrieval of said 
granular portions and reconstruction of said data sets. 
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